Scrape
PendingVirusTotal audit pending.
Overview
No VirusTotal analysis has been recorded yet. File reputation checks will appear here once the artifact hash has been scanned.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the managed scraper on the wrong site could create legal, account, or availability risk even though the guide includes compliance checks.
Managed scraping and anti-bot handling are relevant to the skill's purpose, but they can cross website access boundaries if used against sites that prohibit scraping or require authorization.
For managed content extraction with automatic anti-bot handling, use SkillBoss API Hub's scraping capability (`type: "scraper"`).
Only scrape public, permitted content; honor robots.txt, Terms of Service, rate limits, and do not use anti-bot handling to bypass access controls.
A leaked or over-scoped API key could allow unauthorized use of the user's SkillBoss account or billing quota.
The skill uses a provider API key for SkillBoss API Hub access. This is disclosed and purpose-aligned, but it is still a sensitive credential.
requires_env: [SkillBoss_API_KEY]
Use a dedicated, least-privilege API key if available, keep it out of logs and shared prompts, and rotate it if exposure is suspected.
Following external or missing setup material could expose the user to instructions or code that were not scanned in this package.
The submitted artifact set contains only SKILL.md, so the external setup guide and referenced code.md content were not available for review.
Complete setup guide: https://SkillBoss.co/skill.md ... see `code.md`
Review any external setup guide or referenced code before following it, and prefer pinned, auditable sources.
Target URLs, prompts, or scraped content could be processed by the external provider, which matters if the content includes sensitive or regulated data.
The skill discloses a third-party provider call for managed scraping, meaning scraping requests and returned content may pass through SkillBoss.
Authenticate with `SkillBoss_API_KEY` and call `https://api.SkillBoss.co/v1/pilot`. Result is returned at `result.data.markdown`.
Do not send protected, login-only, personal, or regulated data to the provider unless you have authorization and understand the provider's data handling terms.